Name | sol_printer_conf |
CVE | CVE-2008-2144 |
Exploit Pack | CANVAS |
Description | sol_printer_conf |
Notes | CVE Name: CVE-2008-2144 VENDOR: Sun Advisory: http://sunsolve.sun.com/search/document.do?assetkey=1-66-236884-1 Notes: This exploit gets remote root on Solaris servers given a working printer name. Resolved by: SPARC Platform * Solaris 8 with patch 109320-20 or later * Solaris 9 with patch 113329-19 or later * Solaris 10 with patch 126672-02 or later x86 Platform * Solaris 8 with patch 109321-20 or later * Solaris 9 with patch 114980-20 or later * Solaris 10 with patch 126673-02 or later Guessing the wrong printer gives a log message in /var/adm/messages Jun 4 12:00:56 unknown bsd-gw[1979]: [ID 937800 lpr.error] request to printer (unknown printer) from ::ffff:192.168.172.1 Locally: cat /var/spool/lp/system/pstatus Will print out a list of printers. huhu2 is the printer name below: +========== huhu2 enabled accepting 1210965172 1210965198 new printer new destination Date public: 5/9/2008 CVE Url: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2144 CVSS: 10.0 |
Learn more about the CANVAS Exploit Pack here: CANVAS |